Re: [TLS] TLS WG Chair Comments on draft-ietf-tls-authz-07
Melinda Shore <mshore@cisco.com> Thu, 12 February 2009 19:07 UTC
Return-Path: <mshore@cisco.com>
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 682CA3A6AAA; Thu, 12 Feb 2009 11:07:15 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id obPQNCM0UU50; Thu, 12 Feb 2009 11:07:14 -0800 (PST)
Received: from rtp-iport-1.cisco.com (rtp-iport-1.cisco.com [64.102.122.148]) by core3.amsl.com (Postfix) with ESMTP id 647DA3A6A06; Thu, 12 Feb 2009 11:07:14 -0800 (PST)
X-IronPort-AV: E=Sophos;i="4.38,198,1233532800"; d="scan'208";a="36893010"
Received: from rtp-dkim-1.cisco.com ([64.102.121.158]) by rtp-iport-1.cisco.com with ESMTP; 12 Feb 2009 19:07:04 +0000
Received: from rtp-core-1.cisco.com (rtp-core-1.cisco.com [64.102.124.12]) by rtp-dkim-1.cisco.com (8.12.11/8.12.11) with ESMTP id n1CJ74DU017271; Thu, 12 Feb 2009 14:07:04 -0500
Received: from xbh-rtp-201.amer.cisco.com (xbh-rtp-201.cisco.com [64.102.31.12]) by rtp-core-1.cisco.com (8.13.8/8.13.8) with ESMTP id n1CJ74kp011192; Thu, 12 Feb 2009 19:07:04 GMT
Received: from xmb-rtp-205.amer.cisco.com ([64.102.31.59]) by xbh-rtp-201.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Thu, 12 Feb 2009 14:07:04 -0500
Received: from 10.98.54.215 ([10.98.54.215]) by xmb-rtp-205.amer.cisco.com ([64.102.31.59]) with Microsoft Exchange Server HTTP-DAV ; Thu, 12 Feb 2009 19:07:03 +0000
User-Agent: Microsoft-Entourage/12.0.0.071130
Date: Thu, 12 Feb 2009 14:07:03 -0500
Subject: Re: [TLS] TLS WG Chair Comments on draft-ietf-tls-authz-07
From: Melinda Shore <mshore@cisco.com>
To: Hannes Tschofenig <Hannes.Tschofenig@gmx.net>
Message-ID: <C5B9DD87.327A%mshore@cisco.com>
Thread-Topic: [TLS] TLS WG Chair Comments on draft-ietf-tls-authz-07
Thread-Index: AcmNOUsifPOne/+8RcqFVJ7RSjvsDAAA9ChwAAH+vPc=
In-Reply-To: <07d901c98d3e$0fdb9f70$0201a8c0@nsnintra.net>
Mime-version: 1.0
Content-type: text/plain; charset="US-ASCII"
Content-transfer-encoding: 7bit
X-OriginalArrivalTime: 12 Feb 2009 19:07:04.0504 (UTC) FILETIME=[179AA380:01C98D45]
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; l=478; t=1234465624; x=1235329624; c=relaxed/simple; s=rtpdkim1001; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=mshore@cisco.com; z=From:=20Melinda=20Shore=20<mshore@cisco.com> |Subject:=20Re=3A=20[TLS]=20TLS=20WG=20Chair=20Comments=20o n=20draft-ietf-tls-authz-07=20 |Sender:=20 |To:=20Hannes=20Tschofenig=20<Hannes.Tschofenig@gmx.net>; bh=/LSAJvrE6lO6pI1qtybQ5XHY4ze6ZZQrACVJMTKzXqE=; b=Jf9oI/NtDK6yFHjSSfw8tb7NOrUgyBY9xKY4aUulQ+1W49lIqcww328+bi QgE5V0OiY6RT3w2Vq+gA/PKXQ5Ie4hCV2xTaExSMSM6rRVrNW97/z0ShRTgQ WOeBid+bZL;
Authentication-Results: rtp-dkim-1; header.From=mshore@cisco.com; dkim=pass ( sig from cisco.com/rtpdkim1001 verified; );
Cc: tls@ietf.org, ietf@ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Feb 2009 19:07:15 -0000
On 2/12/09 1:16 PM, "Hannes Tschofenig" <Hannes.Tschofenig@gmx.net> wrote: > The main issue I have been struggeling with these authorization extensions > inside TLS is that they happen at the wrong layer. I don't know about that - I think it really depends on how the TLS session is being used, etc. I think that the more ability traffic has to describe itself the better, and that there are some non-trivial advantages to carrying authorizations in-band. Melinda
- TLS WG Chair Comments on draft-ietf-tls-authz-07 Eric Rescorla
- Re: TLS WG Chair Comments on draft-ietf-tls-authz… Michael StJohns
- RE: TLS WG Chair Comments on draft-ietf-tls-authz… Powers Chuck-RXCP20
- Re: TLS WG Chair Comments on draft-ietf-tls-authz… Melinda Shore
- Re: TLS WG Chair Comments on draft-ietf-tls-authz… Tim Polk
- Re: TLS WG Chair Comments on draft-ietf-tls-authz… SM
- TLS WG Chair Comments on draft-ietf-tls-authz-07 Eric Rescorla
- RE: TLS WG Chair Comments on draft-ietf-tls-authz… Hallam-Baker, Phillip
- Re: TLS WG Chair Comments on draft-ietf-tls-authz… Steven M. Bellovin
- Re: [TLS] TLS WG Chair Comments on draft-ietf-tls… Alfred Hönes
- Re: [TLS] TLS WG Chair Comments on draft-ietf-tls… Angelos D. Keromytis
- RE: [TLS] TLS WG Chair Comments on draft-ietf-tls… Hannes Tschofenig
- Re: [TLS] TLS WG Chair Comments on draft-ietf-tls… Melinda Shore
- RE: [TLS] TLS WG Chair Comments on draft-ietf-tls… Hannes Tschofenig
- RE: [TLS] TLS WG Chair Comments on draft-ietf-tls… Josh Howlett
- Re: [TLS] TLS WG Chair Comments on draft-ietf-tls… Sam Hartman
- RE: [TLS] TLS WG Chair Comments on draft-ietf-tls… Hannes Tschofenig
- Re: [TLS] TLS WG Chair Comments on draft-ietf-tls… Peter Sylvester
- RE: [TLS] TLS WG Chair Comments on draft-ietf-tls… Josh Howlett
- RE: [TLS] TLS WG Chair Comments on draft-ietf-tls… Josh Howlett
- RE: TLS WG Chair Comments on draft-ietf-tls-authz… Pasi.Eronen
- Re: [TLS] TLS WG Chair Comments on draft-ietf-tls… Melinda Shore
- RE: [TLS] TLS WG Chair Comments on draft-ietf-tls… Kemp, David P.
- RE: [TLS] TLS WG Chair Comments on draft-ietf-tls… Kemp, David P.
- RE: [TLS] TLS WG Chair Comments on draft-ietf-tls… Hannes Tschofenig
- RE: [TLS] TLS WG Chair Comments on draft-ietf-tls… Hannes Tschofenig
- RE: [TLS] TLS WG Chair Comments on draft-ietf-tls… Josh Howlett